Assessing Project Risk Using CHAOSS Metrics
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the challenges and opportunities in measuring open source software project health and sustainability in this conference talk from the CHAOSS project. Delve into the complexities of assessing project risk using CHAOSS metrics, focusing on five key areas: security, code quality, licensing, transparency, and sustainability. Learn about the CHAOSS mission, working groups, and key stakeholders involved in developing risk metrics. Examine the risk framework, including concepts like wargames, trusted devices, and software bill of materials. Gain insights into evaluating code quality, accurate identification, test coverage, and licensing issues. Discover how to assess project sustainability and understand various dimensions of risk in open source projects. Conclude with a discussion on additional risk concerns and an opportunity for questions.
Syllabus
Introduction
CHAOSS Mission
CHAOSS Working Groups
Key Stakeholders
Risk Framework
Wargames
Open Source
Trusted Device
Quality of Code
Accurate Identification
Test Coverage
Licensing
Auger
Project Sustainability
Risk Metrics
Software BOM
Dimensions of Risk
Other Risk Concerns
Questions
Taught by
Linux Foundation
Tags
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube